[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

oracle user security

Posted on 2015-01-08
4
Medium Priority
?
204 Views
Last Modified: 2015-01-16
I have a reporting database which is refreshed every day from Production. Users like to keep their existing passwords and roles and privileges assigned to them. How this task can be achieved in Oracle 11g rel 2.

Elaborate: Production database :- CRDPRD  
                   Reporting database:-     CRDRPT  
Reporting database is refreshed every night from Production using RMAN backup and we have a cron script (shell script runs on the database) which runs everyday on the reporting database (CRDRPT)  after the refresh. The password and usernames are hard-coded with username and a common password to every users. All users have same role (read only) except a few which has update privileges also. Most users are created on the reporting database  (from the same shell script) as only some users are present in the Production environment.
The issue is if some users change  their passwords then the next day they will again be overwritten by the script with the default passwords. They want their passwords be retained unless they change it.
Please let me know the best way to achieve this task?
0
Comment
Question by:Oranew
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 74

Assisted Solution

by:sdstuber
sdstuber earned 1336 total points
ID: 40538107
you can simply copy the password columns from sys.user$  (password and spare4)

I don't mean select and update the sys table directly.  But select them from prod db, then construct alter user statements using those values.


for more information on how oracle stores passwords, see this article

http://www.experts-exchange.com/Database/Oracle/A_855-How-Oracle-Stores-Passwords.html
0
 
LVL 74

Assisted Solution

by:sdstuber
sdstuber earned 1336 total points
ID: 40538108
or, use dbms_metadata to extract the user information including the password hashes and then use those to construct alter user statements on the reporting db
0
 
LVL 29

Accepted Solution

by:
MikeOM_DBA earned 664 total points
ID: 40538264
Do you have standby db?
Then you can avoid the daily re-fresh by creating a Zero Data Reporting Database
;)
0
 

Author Closing Comment

by:Oranew
ID: 40553805
I was looking something to construct a sql with the user role and the password and run it in the refresh instance.We have standby for the DR purposes but this reporting instance have different users than production and existing users also have different roles in production and reporting with different passwords. Great answers though !! Really appreaciate your help. But very good idea for the standby as well. I liked it.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article started out as an Experts-Exchange question, which then grew into a quick tip to go along with an IOUG presentation for the Collaborate confernce and then later grew again into a full blown article with expanded functionality and legacy…
This post first appeared at Oracleinaction  (http://oracleinaction.com/undo-and-redo-in-oracle/)by Anju Garg (Myself). I  will demonstrate that undo for DML’s is stored both in undo tablespace and online redo logs. Then, we will analyze the reaso…
Via a live example show how to connect to RMAN, make basic configuration settings changes and then take a backup of a demo database
This video shows how to copy a database user from one database to another user DBMS_METADATA.  It also shows how to copy a user's permissions and discusses password hash differences between Oracle 10g and 11g.

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question